Lucene search
+L

324 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2023-50835

Malicious code in bioql PyPI...

5.4CVSS9AI score0.00346EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-40611

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00446EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 6:21 p.m.4 views

CVE-2025-54712 WordPress Easy Elementor Addons Plugin <= 2.2.7 - Broken Access Control Vulnerability

Missing Authorization vulnerability in hashthemes Easy Elementor Addons allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Easy Elementor Addons: from n/a through 2.2.7...

4.3CVSS7.1AI score0.00194EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 6:21 p.m.27 views

CVE-2025-54739

CVE-2025-54739 describes a Missing Authorization (Broken Access Control) vulnerability affecting Nexter Blocks (POSIMYTH) up to version 4.5.4. The issue stems from incorrectly configured access control; CVSS v3.1 base score 5.3 (Medium). Connected sources indicate patching status exists (patched)...

5.3CVSS5.9AI score0.00238EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:34 a.m.3 views

CVE-2025-52721 WordPress Global Gallery Plugin <= 9.2.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in LCweb Global Gallery allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Global Gallery: from n/a through 9.2.3...

6.5CVSS7.1AI score0.00261EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/08/01 12:0 a.m.8 views

The vulnerability of the device management platform for systems related to heating, ventilation, and air conditioning, lighting, and energy consumption within the Niagara Framework, as well as the Niagara Enterprise Security tools for access control and security, stems from the absence of necessary encryption steps. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the device management platform for systems for heating, ventilation, and air conditioning, lighting, and energy consumption, as well as the Niagara Framework and the access control and security measures, is related to the absence of the necessary encryption step. Exploiting...

10CVSS5.8AI score0.00318EPSS
Exploits0References5Affected Software2
RedhatCVE
RedhatCVE
added 2025/07/18 10:59 a.m.5 views

CVE-2025-54037

Missing Authorization vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Kit Elementor Addons: from n/a through = 1.3.4...

5.4CVSS5.9AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2025/07/16 12:15 p.m.6 views

CVE-2025-49319

Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce wish-list-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wishlist for WooCommerce: from n/a through = 3.2.3...

6.5CVSS0.0025EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/16 11:27 a.m.3 views

CVE-2025-49319 WordPress Wishlist for WooCommerce <= 3.2.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in WPFactory Wishlist for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wishlist for WooCommerce: from n/a through 3.2.3...

6.5CVSS7.2AI score0.0025EPSS
Exploits0References1
NVD
NVD
added 2025/07/16 11:15 a.m.6 views

CVE-2025-54011

Missing Authorization vulnerability in SMTP2GO SMTP2GO smtp2go allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMTP2GO: from n/a through = 1.12.1...

4.3CVSS0.00194EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.5 views

PT-2025-29802 · WordPress · Profiler

Name of the Vulnerable Software and Affected Versions: Profiler - What Slowing Down Your WP versions n/a through 1.0.0 Description: The software contains a missing authorization flaw due to incorrectly configured access control security levels. Recommendations: Versions prior to 1.0.0 are affecte...

6.5CVSS6.1AI score0.00203EPSS
Exploits0References4
CVE
CVE
added 2025/07/08 8:54 p.m.27 views

CVE-2025-7030

CVE-2025-7030 affects Drupal Two-factor Authentication (TFA) module prior to 1.11.0. The root cause is a Privilege Defined With Unsafe Actions vulnerability that hinges on incorrectly configured access controls, allowing bypass of certain privilege checks. Affected versions range from 0.0.0 up to...

6.5CVSS6.7AI score0.00364EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2025/07/08 4:15 p.m.7 views

CVE-2025-3648

A vulnerability has been identified in the Now Platform that could result in data being inferred without authorization. Under certain conditional access control list ACL configurations, this vulnerability could enable unauthenticated and authenticated users to use range query requests to infer...

8.2CVSS0.01664EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/08 10:34 a.m.12 views

CVE-2025-21001

Improper access control in LeAudioService prior to SMR Jul-2025 Release 1 allows local attackers to stop broadcasting Auracast...

6.2CVSS0.00116EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 1:20 p.m.15 views

CVE-2025-53200 WordPress ChatBot plugin <= 6.7.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in QuantumCloud ChatBot chatbot allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ChatBot: from n/a through = 6.7.3...

4.3CVSS0.00227EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/27 12:0 a.m.7 views

PT-2025-27136 · Unknown · Dejan Jasnic Trusty Whistleblowing

Name of the Vulnerable Software and Affected Versions: Dejan Jasnic Trusty Whistleblowing versions 1.5.2 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows exploitation of incorrectly configured access control security levels. Recommendations: For...

8.2CVSS6.5AI score0.00237EPSS
Exploits0References3
NVD
NVD
added 2025/06/20 3:15 p.m.5 views

CVE-2025-49971

Missing Authorization vulnerability in aThemeArt Translations eDS Responsive Menu eds-responsive-menu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects eDS Responsive Menu: from n/a through = 1.2...

4.3CVSS0.00235EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:4 p.m.6 views

CVE-2025-49978 WordPress JobSearch plugin <= 2.9.0 - Insecure Direct Object References (IDOR) Vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects JobSearch: from n/a through 2.9.0...

4.3CVSS4.6AI score0.00322EPSS
Exploits0References1
CVE
CVE
added 2025/06/20 3:4 p.m.22 views

CVE-2025-49979

CVE-2025-49979 concerns the WordPress Media Hygiene plugin (versions

4.3CVSS5.9AI score0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:4 p.m.22 views

CVE-2025-49979 WordPress Media Hygiene plugin <= 4.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in slui Media Hygiene media-hygiene allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Media Hygiene: from n/a through = 4.0.1...

4.3CVSS0.00242EPSS
Exploits0References1
Rows per page
Query Builder